CVE-2021-44730

Published: 17 February 2022

snapd 2.54.2 did not properly validate the location of the snap-confine binary. A local attacker who can hardlink this binary to another location to cause snap-confine to execute other arbitrary binaries and hence gain privilege escalation. Fixed in snapd versions 2.54.3+18.04, 2.54.3+20.04 and 2.54.3+21.10.1

Priority

CVSS 3 base score: 7.8

Status

Package	Release	Status
snapd Launchpad, Ubuntu, Debian	bionic	Released (2.54.3+18.04)
	focal	Released (2.54.3+20.04)
	hirsute	Ignored (reached end-of-life)
	impish	Released (2.54.3+21.10.1)
	trusty	Released (2.54.3+14.04~esm1)
	upstream	Released (2.54.3)
	xenial	Released (2.54.3+16.04~esm2)

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44730
https://ubuntu.com/security/notices/USN-5292-1
https://www.openwall.com/lists/oss-security/2022/02/17/2
https://github.com/snapcore/snapd/commit/f3f669d720ed8b0bcb73da7789843bf43b5c16cf
NVD
Launchpad
Debian

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›